Web Application Attack and Audit Framework (w3af)
This incredible framework automates many of the tasks that had previously been done manually. Fully extensible and open source, w3af uses a myriad of plugins to provide a fully customizable testing experience. The authors of the tool created it to be very user friendly both for those new to testing and for expert penetration testers. If the plugin you need is not already available, simply create it yourself and save tons of time on all future tests. w3af is constantly updated and improved. The plugin types that w3af includes cover discovery, brute forcing, auditing, and even evasion. The framework also includes auto-update features to ensure that you always have the latest and greatest installed and ready to run. Learn more about this tool at w3af.sourceforge.net.
As expected, the BackTrack development team has preinstalled w3af. Open up your BackTrack virtual machine and select: Applications | BackTrack | Vulnerability Assessment...